<?php
	//基本帐户类
	class account
	{
		var $database = null;

		function account()
		{
			$this->database = load( 'database' );
		}

		//给前台调用返回用户所有详细资料（由于ajax跨域不能直接使用原接口）
		function detail( $account_id = '' )
		{
			if( $account_id == '' )
			{
				$temp = $this->login_info();
				$account_id = $temp['id'];
			}
			$sql = "select * from account where id=$account_id";
			$result = $this->database->unique( $sql );

			return $result;
		}

		function set_baseinfo( $data, $passport = '' )
		{
			$format = array( 'sex' => '', 'realName' => '', 'nickName' => '', 'area' => '', 'age' => '', 'constellation' => '', 'birthday' => '', 'sign' => '', 'native' => '', 'race' => '' );
			$baseInfo = '';

			if ( $passport == '' )
			{
				$detail = $this->detail();
				$cookie = load( 'cookie' );
				$HS_PASSPORT = $cookie->get( 'HS_PASSPORT' );
			}
			else
			{
				$detail = array( 'username' => $data['nickName'] );
				$HS_PASSPORT = $passport;
			}

			$check_data = $this->passport( $HS_PASSPORT );
			$user_id = isset( $check_data['data']['id'] ) ? $check_data['data']['id'] : 0;
			$nickname = isset( $data['nickName'] ) && $data['nickName'] != '' ? $data['nickName'] : '';
			$city = isset( $data['city'] ) && $data['city'] != '' ? $data['city'] : '';

			if ( $nickname != '' || $city != '' )
			{
				if ( $nickname != '' ) $this->database->command( "update account set nickname = '" . $nickname . "' where user_id = " . $user_id );
			}

			return '0';
		}

		//修改密码
		function set_password( $data )
		{
			$result = '1';
			$temp = $this->login_info();

			if ( $temp['id'] != '' && $temp['status'] == 0 && isset( $data['old'] ) && $data['old'] != '' && isset( $data['new'] ) && $data['new'] != '' )
			{
				$sql = "update account set password = '" . md5( $data['new'] ) . "' where password = '" . md5( $data['old'] ) . "' and id=" . $temp['id'];
				$result = $this->database->command( $sql );
				$result = $result == 0 ? 1 : 0;
			}

			return $result;
		}

		//注册
		function register( $data )
		{
			$result = array();

			if ( ! empty( $data['username'] ) && ! empty( $data['passwd'] ) )
			{
				$ctime = time();
				$type = 1;
				$role_id = $data['role_id'];
				$status = 0;
				$username  = $data['username'];
				$passwd  = md5( $data['passwd'] );
				$last_ip = $_SERVER['REMOTE_ADDR'];
				$last_login = time();
				$sql = "select id from account where username='$username' ";
				$data = $this->database->unique( $sql );
				if( empty( $data['id'] ) )
				{
					$sql = "insert into account (username,password,role_id,status,last_ip,last_login) values ('" . $username . "','" . $passwd  . "',$role_id,$status,'" . $last_ip . "'," . $last_login . ")";
					$this->database->command( $sql );
					$result['status'] = 0;
					$result['id'] = $this->database->id();
				}
				else
				{
					$result['message'] = '用户名重复';
				}
			}

			return $result;
		}

		//登录
		function login( $data )
		{
			$return = array( 'status' => 0, 'username'=> '', 'account_id' => 0, 'type' => 0 );

			if ( isset( $data['user'] ) && isset( $data['passwd'] ) && $data['user'] != '' && $data['passwd'] != '' )
			{
				$temp = $this->database->unique( "select id,username,password,role_id from account where status=0 and username = '" . $data['user'] . "'" );
				$data['user'] = isset( $temp['username'] ) ? $temp['username'] : '';
				$data['passwd'] = md5( $data['passwd'] );
				if( $data['user'] != '' )
				{
					if( $data['passwd'] == $temp['password'] )
					{
						$return['status'] = 0;
						$return['username'] = $temp['username'];
						$return['account_id'] = $temp['id'];
						$return['id'] = $temp['id'];
						$return['role_id'] = $temp['role_id'];
						$_SESSION[ 'user_info' ] = $return;

						$this->_login( array( 'user_id' => $return['account_id'] ) );
					}
				}
				else
				{
					$return['status'] = 2;	//用户名或密码错误
				}
			}
			else
			{
				$return['status'] = 1; //参数错误
			}

			return $return;
		}


		function _login( $data )
		{
			$last_ip = $_SERVER['REMOTE_ADDR'];
			$sql = "update account set last_ip = '" . $last_ip . "', last_login = " . time() . " where id = " . $data['user_id'];
			$this->database->command( $sql );
		}

		function login_info()
		{
			return $_SESSION[ 'user_info' ];
		}


		//退出
		function logout()
		{
			$_SESSION[ 'user_info' ] = '';
			unset( $_SESSION[ 'user_info' ] );
		}

		function staff( $user_id )
		{
			$result = array();
			if ( preg_match( '!^\d+$!', $user_id ) ) $result = $this->database->unique( 'select * from account where user_id = ' . $user_id );

			if ( isset( $result['type'] ) && $result['type'] == 2 )
			{
				$temp = $this->database->unique( 'select worker_id, level_id from actor where account_id = ' . $result['id'] );
				$result['worker_id'] = $temp['worker_id'];
				$result['level_id'] = $temp['level_id'];
			}

			return $result;
		}


		//判断是否拥有权限
		function check( $account_id, $privilege_id )
		{
			$result = false;

			if ( preg_match( '!^\d+$!', $account_id ) && preg_match( '!^\d+$!', $privilege_id ) )
			{
				$sql = 'select role_privilege.id from account, role_privilege where account.id = ' . $account_id . ' and account.role_id = role_privilege.role_id and role_privilege.privilege_id = ' . $privilege_id;

				$temp = $this->database->unique( $sql );
				$result = isset( $temp['id'] );
			}

			return $result;
		}

		function import( $data = '' )
		{
			$cookie = load( 'cookie' );
			$account_id = -1;
			$nickname = '';
			$info = $this->passport( $data );

			if ( $info['success'] )
			{
				$temp = $this->database->unique( 'select id, nickname from account where user_id = ' . $info['data']['id'] );

				if ( ! isset( $temp['id'] ) )
				{
					$remote_info = $this->info( $info['data']['username'], 'name_by_remote' );

					if ( isset( $remote_info['nickName'] ) )
					{
						$data = array( 'username' => $info['data']['username'], 'email' => $info['data']['email'], 'user_id' => $info['data']['id'], 'type' => 0, 'role_id' => 0, 'nickname' => $remote_info['nickName'], 'headerimg' => $remote_info['img'], 'create_time' => time(), 'real_name' => $info['data']['username'], 'last_login' => time() );

						$account_id = $this->database->add( 'account', $data );
						$nickname = $remote_info['nickName'];
					}
				}
				else
				{
					$account_id = $temp['id'];
					$nickname = $temp['nickname'];
				}

				if ( preg_match( '!^\d+$!', $account_id ) ) $cookie->set( 'HS_V2', $account_id, true );
			}

			return array( 'account_id' => $account_id, 'nickname' => $nickname );
		}


		function passport( $data = '' )
		{
			if ( $data == '' )
			{
				$cookie = config( 'cookie' );
				$data = isset( $cookie['HS_PASSPORT'] ) ? $cookie['HS_PASSPORT'] : '';
			}

			if ( $data != '' )
			{
				$str = $data;
				$key = <<<EOD
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCkqjaIErk9gkZLP5C4r5tzEeTG
ogJgudIp36kFXJ8e4xsIdUcj302m6YeNuXxq0P4LJtpGAx+o+nAAVsJBkMVivILe
YXizLLDBHFRu+CuDD/rTYWhPRQgQYmYR+xe4eSXooVq6RiJ4qhCODboijDpfEoWB
bXdgNnVGKEeqhn4QEwIDAQAB
-----END PUBLIC KEY-----
EOD;
				$str = str_replace( ' ', '+', $str );
				$pos = strrpos( $str, ',' );
				$sign = substr( $str, $pos + 1 );
				$data = substr( $str, 0, $pos );
				$temp = explode( ',', $str );

				$result = openssl_verify( $data, base64_decode( $sign, TRUE ), $key, OPENSSL_ALGO_SHA1 );
				return $result == 1 && preg_match( '!^\d+$!', $temp[1] ) ? array( 'success' => true, 'data' => array( 'username' => $temp[0], 'id' => $temp[1], 'email' => $temp[2] ) ) : array( 'success' => false, 'data' => array() );
			}
			else
			{
				return array( 'success' => false, 'data' => array() );
			}
		}

		//获取帐户信息
		function info( $data, $style = 'id_by_local' )
		{
			$result = array();
			$host = config( 'domain.www' );

			if ( $style == 'id_by_local' && preg_match( '!^\d+$!', $data ) )
			{
				$result = $this->database->unique( 'select * from account where id = ' . $data );
			}
			if ( $style == 'id_by_actor' && preg_match( '!^\d+$!', $data ) )
			{
				$result = $this->database->unique( 'select * from account a inner join actor b on a.id=b.account_id where a.id = ' . $data );
			}
			else if ( $style == 'name_by_local' && $data != '' )
			{
				$result = $this->database->unique( "select * from account where username = '" . $data . "'");
			}
			if ( $style == 'id_by_remote' && preg_match( '!^\d+$!', $data ) )
			{
				$result = $this->database->unique( "select * from account where id = " . $data );
			}
			else if ( $style == 'name_by_remote' && $data != '' )
			{
				$result = $this->database->unique( "select * from account where username = '" . $data . "'");
			}

			return $result;
		}


		function call( $url, $format = true, $cookie = '' )
		{
			$ch = curl_init();
			curl_setopt( $ch, CURLOPT_URL, $url );
			curl_setopt( $ch, CURLOPT_HEADER, 0 );
			curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 );
			curl_setopt( $ch, CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 2.0.50727' );
			if ( $cookie != '' ) curl_setopt( $ch, CURLOPT_COOKIE, str_replace( ' ', '+', $cookie ) );
			$data = curl_exec( $ch );
			curl_close( $ch );

			return $format ? get_object_vars( json_decode( $data ) ) : $data;
		}

		//删除基本帐号
		function del( $data )
		{
			$result = array( 'success' => false, 'message' => array() );

			if ( isset( $data['id'] ) && preg_match( '!^\d+$!', $data['id'] ) )
			{
				$this->database->command( 'update account set status = 1 where id = ' . $data['id'] );
				$result['success'] = true;
			}
			else
			{
				$result['message'][] = '请传递帐户ID';
			}

			return $result;
		}
	}
?>